Legal claims defining the scope of protection, as filed with the USPTO.
1. A method in a computing system for controlling communication, comprising: in a computing system communicating via a TCP/IP stack, evaluating a new network communication with a network resource by reference to a predefined white list of trusted network addresses that does not include addresses for any unauthenticated network nodes or anonymous proxy servers, by: receiving from the TCP/IP stack an internet protocol (IP) address and port number of a network address corresponding to the network resource; receiving a uniform resource locator (URL) associated with the network resource; determining a first name associated with the IP address, by querying the IP address received from the TCP/IP stack against an assignment database that associates owner names with IP addresses; determining a second name associated with the URL, by querying a domain name of the URL associated with the network resource against an assignment database that associates owner names with domain names; determining a security rating level of the network resource based on: determining whether the IP address and port number of the network address are included in the predefined white list of trusted network addresses; and determining whether the first name matches the second name; and setting an indicator that a communication operation is allowed or not allowed based on the determined security rating level of the network resource.
2. The method of claim 1, wherein the network resource comprises a network node of one of the following: a network node that has requested a connection, a network node to which a connection request is to be sent, a website, a message sender, and/or a message destination.
3. The method of claim 1, wherein the determining the security level further comprises: determining a category code indicating a type of information contained in payload data associated with the corresponding network address; and when the determined category code matches a predefined category code of allowed category codes, setting a medium security level, otherwise setting a low security level.
4. The method of claim 1, wherein the corresponding network address is obtained from a TCP/IP connection request.
5. The method of claim 1, further comprising: receiving the new network communication from a network resource for the corresponding address; and using a domain name resource to retrieve a domain name associated with the network address.
6. The method of claim 1, wherein the predefined white list of trusted network addresses comprises a list of network nodes, wherein each network node is associated with at least one of the following: a commercial institution, a website, an anti-virus source, a network service provider, and/or an internet service provider.
7. The method of claim 1, further comprising: determining which domain name is assigned to the corresponding network address, as a result of the determination, setting the indicator to one of the following: the communication operation is not allowed; a warning is to be provided prior to allowing the communication operation; and/or an instruction is needed from a user to determine whether the communication operation is allowed.
8. The method of claim 1, wherein the assignment database that associates owner names with IP addresses comprises at least one of the following: an international assignment registry, a regional registry, a local registry, and/or the list of trusted network addresses.
9. The method of claim 1, further comprising: receiving a function code; determining a communication operation based on the function code; and providing to a user an indication of the communication operation.
10. The method of claim 1, further comprising: receiving an intermediary network address of an intermediary network node that has relayed the corresponding network address; determining whether the intermediary network address is included in the predefined white list of trusted network addresses; and setting the indicator that the communication operation is not allowed with the received network resource when the intermediary network address is not included in the predefined white list of trusted network addresses.
11. A non-transitory computer readable medium, comprising executable instructions for causing a computing device to perform the method of claim 1.
12. The method of claim 1, further comprising: receiving a category code indicating a type of information contained in payload data associated with the corresponding network address, wherein each network address in the predefined white list of trusted network addresses is associated with one or more category codes that are trusted for the network address, and wherein determining whether the IP address and port number are included in the predefined white list of trusted network addresses further comprises determining whether the received category code is indicated in the list of trusted network addresses as trusted for the IP address and the port number of the corresponding network address.
13. The method of claim 1, further comprising: receiving a category code indicating a type of information contained in payload data associated with the corresponding network address, wherein each network address in the predefined white list of trusted network addresses includes an IP address, and a category code, and wherein determining whether the received corresponding network address and the received category code are included in the predefined white list of trusted network address includes determining whether one of the network addresses in the predefined white list of trusted network addresses includes the IP address and the received category code.
14. The method of claim 1, wherein the white list of trusted network addresses includes multiple IP addresses of trustworthy nodes, wherein the white list includes, for each of the multiple IP addresses, a port number, a category code that indicates a type of allowable payload data, an owner name, and a domain name.
15. The method of claim 14, further comprising: selectively providing multiple tiers of security, the multiple tiers including a first tier that evaluates communication based on an IP address, a second tier that evaluates communication based on port number, and a third tier that evaluates communication based on category code.
16. The method of claim 14, wherein the white list includes a security rating, and further comprising: when the security rating in the white list is a first security rating, automatically evaluating the new network communication without user intervention; and when the security rating in the white list is a second security rating, requiring user interaction to allow the new network communication.
17. A system for controlling communication, comprising: a communication interface for communication with a network resource, the communication interface including a TCP/IP stack; a memory for storing instructions; and a processor in communication with the communication interface and with the memory, wherein the processor is configured to evaluate a new network communication with a network resource by reference to a predetermined white list of trusted network addresses that does not include addresses for any unauthenticated network nodes or anonymous proxy servers, by: receiving from the TCP/IP stack an internet protocol (IP) address and port number of a network address corresponding to the network resource; receiving a uniform resource locator (URL) associated with the network resource; determining a first name associated with the IP address, by querying the IP address received from the TCP/IP stack against an assignment database that associates owner names with IP addresses; determining a second name associated with the URL, by querying a domain name of the URL associated with the network resource against an assignment database that associates owner names with domain names; determining a security rating level of the network resource based on: determining whether the IP address and port number of the network address are included in the predefined white list of trusted network addresses; and determining whether the first name matches the second name; and setting an indicator that a communication operation is allowed or not allowed based on the determined security rating level of the network resource.
18. The system of claim 17, wherein the corresponding network address further comprises an internal address behind a firewall or a proxy server.
19. The system of claim 17, wherein the processor is further configured to retrieve a domain name associated with the network address corresponding to the network resource.
20. The system of claim 17, wherein the processor is further configured to: determine which domain name is assigned to the corresponding network address, as a result of the determination, setting the indicator to one of the following: the communication operation is not allowed; a warning is to be provided prior to allowing the communication operation; and an instruction is needed from a user to determine whether the communication operation is allowed.
21. The system of claim 17, further comprising an output device, and/or wherein the processor is further configured to: receive a function code; determine a communication operation based on the function code; and/or provide to a user an indication of the communication operation.
22. The system of claim 17, wherein the system comprises a general purpose computing device and/or a mobile device.
23. The system of claim 17, wherein the processor is configured to: receive a category code indicating a type of information contained in payload data associated with the corresponding network address, wherein each network address in the predefined white list of trusted network addresses is associated with one or more category codes that are trusted for the network address, and wherein determining whether the IP address and port number are included in the predefined white list of trusted network addresses further comprises determining whether the received category code is indicated in the list of trusted network addresses as trusted for the IP address and the port number of the corresponding network address.
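The following is an added illustration, not code from the patent or from any product that practices it: a toy evaluator that walks the claim-1 steps (whitelist lookup by IP and port, owner name of the IP from an IP assignment database, owner name of the URL's domain from a domain assignment database, name match), with the claim-3/12 category check and the claim-10 intermediary check layered on. The whitelist, both registries, the rating labels and their mapping to the claim-7 indicators (allow / warn / deny) are all constructed assumptions of this example.

```python
from urllib.parse import urlparse

# Constructed whitelist in the claim-14 shape: (ip, port) -> owner, domain, trusted category codes.
WHITE_LIST = {
    ("192.0.2.10", 443): {"owner": "Example Bank Inc", "domain": "bank.example", "categories": {"BANK"}},
    ("198.51.100.5", 80): {"owner": "Example News LLC", "domain": "news.example", "categories": {"NEWS"}},
}
# Constructed stand-ins for the two assignment databases of claim 1:
# an IP registry (block -> owner) and a domain registry (domain -> registrant).
IP_OWNER = {"192.0.2.10": "Example Bank Inc", "198.51.100.5": "Example News LLC",
            "203.0.113.9": "Anon Hosting Ltd"}
DOMAIN_OWNER = {"bank.example": "Example Bank Inc", "news.example": "Example News LLC",
                "bank-login.example": "Anon Hosting Ltd"}


def owner_of_ip(ip):
    """First name (claim 1): owner recorded for the IP address; casefolded for comparison (assumption)."""
    return IP_OWNER.get(ip, "").casefold()


def owner_of_url(url):
    """Second name (claim 1): registrant recorded for the URL's domain name."""
    host = urlparse(url).hostname or ""
    return DOMAIN_OWNER.get(host, "").casefold()


def evaluate(ip, port, url, category=None, via=None):
    """Return (security rating, indicator) for a new communication.

    indicator is one of "allow", "warn" (claim 7: warn before allowing) or "deny".
    """
    # Claim 10: a node that relayed the address must itself be whitelisted, else deny.
    if via is not None and not any(addr == via for addr, _ in WHITE_LIST):
        return "low", "deny"
    first, second = owner_of_ip(ip), owner_of_url(url)
    listed = (ip, port) in WHITE_LIST            # tiers 1 and 2 of claim 15
    names_match = bool(first) and first == second
    if not (listed and names_match):
        return "low", "deny"
    # Tier 3 (claims 3 and 12): the payload category must be trusted for this address.
    if category is None or category in WHITE_LIST[(ip, port)]["categories"]:
        return "high", "allow"
    return "medium", "warn"
```

The name-match step is what separates a whitelisted address from a URL whose domain is registered to someone else, even when the address itself is listed.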
December 31, 2013